Sign up for our daily briefing
Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.
Catch up on the day's biggest business stories
Subscribe to Axios Closer for insights into the day’s business news and trends and why they matter
Stay on top of the latest market trends
Subscribe to Axios Markets for the latest market trends and economic insights. Sign up for free.
Sports news worthy of your time
Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.
Tech news worthy of your time
Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.
Get the inside stories
Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Want a daily digest of the top Denver news?
Get a daily digest of the most important stories affecting your hometown with Axios Denver
Want a daily digest of the top Des Moines news?
Get a daily digest of the most important stories affecting your hometown with Axios Des Moines
Want a daily digest of the top Twin Cities news?
Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities
Want a daily digest of the top Tampa Bay news?
Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay
Want a daily digest of the top Charlotte news?
Get a daily digest of the most important stories affecting your hometown with Axios Charlotte
Sign up for Axios NW Arkansas
Stay up-to-date on the most important and interesting stories affecting NW Arkansas, authored by local reporters
Illustration: Aïda Amer/Axios
53% of IT security managers don't know whether the cybersecurity products they use actually work as promised, according to an upcoming survey from the Ponemon Institute and security firm AttackIQ.
Why it matters: It's a little unsettling to find out a captain has no idea if the ship is watertight.
- Plus, if 53% seems bad, it's probably a whole lot worse. "People are more likely to say they are confident about themselves, so when you see a study showing low confidence, it’s possibly a lot worse," said Larry Ponemon, of the eponymous Institute.
- The survey included 577 responses from IT managers.
The cybersecurity industry is good at inspiring a lack of faith in the cybersecurity industry.
- Buzz words bandied about in slogans frequently generate as much skepticism as they do enthusiasm. The notion of snake oil products has been so pervasive that companies now advertise around it.
- "You sometimes see companies market their products to the threat of the day but not adapt the tool," says Kiersten Todt, managing director of the Cyber Readiness Institute.
To be sure: Many cybersecurity tools are pretty good at what they do. The problem is that the function of security products is a black box — users can't see the gears turning to verify that a tool works or that they are using it properly.
- "There’s been no methodical approach to check if a product is working as intended," said Chris Kennedy, chief information security officer at study sponsor AttackIQ, which sells products to simulate attacks.
The bottom line: In a better world, security products would inspire more confidence from the people who use them — especially given the cost of cybersecurity.
"Do you have confidence in your door locks?" Kennedy. says. "Put millions of dollars in investment into them, then, yeah, you should have confidence in the product."